Tor Project Releases Browser Version 6.0

The Tor Project has announced the first stable release in the 6.0 series of its privacy-focused web browser.

On Monday, the Tor Browser Team published a blog post in which it discusses some of the browser’s new features.

First, the newest browser version is now up-to-date with Firefox 45-Extended Support Release (ESR), which means users can now enjoy HTML5 support and leave their Adobe Flash plugins disabled on most of the websites they visit.

Full compatibility with Firefox 45-ESR also means Tor Browser users can now leverage the Push API for dynamic notifications and enjoy support for the newest JavaScript standards.

Second, the Browser Team has instituted code-signing for OS X systems, a measure which the team hopes will help Mac users get the Tor browser to work on their machines without too much interference from the Gatekeeper security app.

On the security layer, the newest browser version no longer supports SHA-1 certificates, and it sports a fix for a DLL hijacking vulnerability related to the Windows installer. The team has also reinstated the update.xml hash check that was disabled in Firefox 43.

Last but not least, the Tor Browser Team has asked that its Disconnect search engine provide it with DuckDuckGo search results instead of Google. Per the announcement post:

“[F]or a while now Disconnect has no access to Google search results anymore which we used in Tor Browser. Disconnect being more a meta search engine which allows users to choose between different search providers fell back to delivering Bing search results which were basically unacceptable quality-wise. While Disconnect is still trying to fix the situation we asked them to change the fallback to DuckDuckGo as their search results are strictly better than the ones Bing delivers.”

To review a full log of changes regarding Tor Browser 6.0, please click here. You can also install the browser on your Windows, Mac, or Linux machine.

This new release comes several months after the Tor Project accused the FBI of having paid researchers at Carnegie Mellon University to launch an attack on the service in 2014 in an effort to expose some of its users.